Hi,

> Richard Barnes <r...@ipv.sx> wrote:
>     > Finally, to be totally honest, I find the EDHOC spec pretty inscrutable. A
>     > little more prose to explain what's going on would go a long way toward
>     > helping this discussion be productive.
> 
> Sure.
> Find a WG to adopt it, and we can make the text beautiful.
> The packets are all there, and the references pretty much explain all the crypto.
> This stuff is not any newer than IKEv2.

I have only had a quick look over the draft, but one thing strikes me - the
protocol is claimed not to be bound to a particular transport (so I assume that
implementing it on top of pure UDP is fine), and it has an odd number of messages.
That's OK from a cryptographic point of view, but it's a headache for
implementations if the transport protocol is unreliable, since in this case
retransmissions must be sent by both parties. We learned this lesson from IKEv1
(Aggressive and Quick modes), and in IKEv2 the number of messages in any exchange
is always even, which simplifies implementations and makes the protocol more reliable.
Of course if only reliable transports are considered, then this doesn't matter.

Regards,
Valery Smyslov.


_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
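
The retransmission point raised in the message above, as an added example that is not part of the original thread or of the EDHOC draft: a toy lossy-link model comparing a 4-message and a 3-message exchange when the final message is lost. The function name, the tick-based timer and the drop schedule are assumptions made for illustration.

```python
from collections import Counter, deque

def run_exchange(n_msgs, drops, responder_timer, max_ticks=10):
    """Toy model: odd-numbered messages go I->R, even-numbered go R->I.
    drops: set of (msg_no, attempt) transmissions lost by the network.
    Returns (final_message_delivered, timer retransmissions per party)."""
    sent = Counter()             # transmissions per message number
    timer_rtx = Counter()        # timer-driven retransmissions per party
    got = {"I": 0, "R": 0}       # highest message number accepted
    last = {"I": 0, "R": 0}      # highest message number sent
    wire = deque()

    def send(who, k):
        sent[k] += 1
        last[who] = max(last[who], k)
        if (k, sent[k]) not in drops:
            wire.append(k)

    def deliver():
        while wire:
            k = wire.popleft()
            who = "R" if k % 2 else "I"      # receiver of message k
            got[who] = max(got[who], k)
            if k < n_msgs:                   # reply, or replay the reply
                send(who, k + 1)             # to a duplicate (no timer)

    final_rx = "R" if n_msgs % 2 else "I"
    send("I", 1)
    deliver()
    for _ in range(max_ticks):
        if got[final_rx] == n_msgs:
            break
        # A party waits while its last message still expects an answer.
        waiting = [p for p in ("I", "R")
                   if 0 < last[p] < n_msgs and got[p] <= last[p]]
        for p in waiting:
            if p == "I" or responder_timer:
                timer_rtx[p] += 1
                send(p, last[p])
        deliver()
    return got[final_rx] == n_msgs, dict(timer_rtx)

if __name__ == "__main__":
    lost_final = {(4, 1)}        # constructed: first copy of msg 4 lost
    print("4 msgs:", run_exchange(4, lost_final, responder_timer=False))
    lost_final = {(3, 1)}        # constructed: first copy of msg 3 lost
    print("3 msgs, no responder timer:", run_exchange(3, lost_final, False))
    print("3 msgs, responder timer:", run_exchange(3, lost_final, True))
```

With an even message count the initiator's timer alone recovers the loss, because the responder only ever replays replies. With an odd count the initiator has nothing left to wait for after sending the last message, so the exchange stalls unless the responder also runs a retransmission timer.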
